Senior Security Consultant

Job Description – Senior Security Consultant (Splunk SIEM | SOAR | UEBA | Blue & Red Teaming) Location:APJC (India/Singapore/Australia/NZ) – Hybrid / Remote Role Type:Full-Time – Security Consulting Practice Reports To:VP – APJC, Operational Intelligence & CybersecurityAbout Prudent Prudent is aglobal Splunk-certified partnerwith advanced expertise acrossSecurity, Observability, Operational Intelligence, and AI-driven analytics , operating across APJC, EMEA, and the Americas. We deliver large-scale SIEM, SOAR, UEBA, and Security Analytics programmes for telecom, BFSI, government, transport, healthcare, and enterprise clients. We are expanding ourCybersecurity & Threat Analytics Practiceand are seeking ahigh-calibre Senior Security Consultantwho is deeply knowledgeable, hands-on, and capable of acting as our internalsecurity subject matter expert (SME)andcustomer-facing trusted advisor .Role Overview We are looking for anexceptional, end-to-end Security Consultantwith strong expertise in: •Splunk SIEM (Enterprise Security) •Splunk SOAR •Splunk UEBA / Risk-Based Alerting (RBA) •Threat Detection & Anomaly Detection •Vulnerability Management & Threat Intelligence •Identity Security & Access Analytics •Blue Teaming + Red Teaming methodologiesThis consultant will serve as ourgo-to security expert , responsible for designing, building, and optimizing security detection frameworks, incident workflows, threat models, and advanced analytics.You will work closely with customers, internal engineering teams, and leadership to deliveroutcome-based cybersecurity solutions .Key Responsibilities 1. Splunk Security Stack – Architecture, Delivery & Optimisation • Architect, deploy, and optimizeSplunk Enterprise Security (ES) ,SOAR , andUEBAsolutions. • Build correlation searches, risk rules, risk notables, and dashboards aligned toMITRE ATT&CK . • ImplementRisk-Based Alerting (RBA)with identity/data enrichment. • Configure playbooks, automations, workflows, and integrations for SOAR. • Develop security use cases based on customer environment, threat landscape, and compliance needs.2. Threat Detection & Incident Response • Build advanced detection formalware, lateral movement, insider threats, identity abuse, cloud misconfigurations, APT behaviours, phishing, and anomalous activity . • Perform triage automation, incident enrichment, and response orchestration using Splunk SOAR. • Improve detection rules, mapping to frameworks such as MITRE, NIST, CIS, and Zero Trust.3. Blue Teaming & Red Teaming Skills • Strong understanding of attack chains, adversary emulation, exploitation techniques, and lateral movement. • Assist in threat hunting, purple team exercises, and post-incident investigations. • Work with red teams to create detections for new TTPs across the kill chain.4. Security Architecture & Governance • Provide end-to-end security advisory across SIEM/SOAR/UEBA, identity, vulnerability, cloud security, and network security. • Work with clients to implementsecurity governance models , KPIs, SLAs, and continuous improvement plans. • Conduct data onboarding, CIM alignment, data model acceleration, and log source hygiene reviews.5. Vulnerability, Threat Intelligence & Identity Analytics • Build content for vulnerability prioritisation, exploit insights, and exposure management. • Integrate threat intel feeds, STIX/TAXII, and other sources for detection enrichment. • Develop identity-based detections using Okta/Azure AD/IDP logs and behaviour patterns.6. Customer Leadership & Advisory • Act as thetrusted advisorfor all Splunk security topics. • Lead workshops, assessments, and roadmap sessions with CXO/security leadership. • Provide training, knowledge transfer, and capability uplift to customers and internal teams.Mandatory Skills & Experience Splunk Expertise (Must-Have) • 4–10+ years working withSplunk Enterprise Security, SOAR, and UEBA • Strong in SPL, correlation searches, data models, risk rules, and notable tuning • Hands-on experience withplaybook development in SOAR (Python/YAML) • Deep knowledge ofCIM alignment , index design, data onboarding, and ingestion hygieneCyber Security Expertise (Must-Have) • Strong understanding ofnetwork security, endpoint, logging, identity security, cloud security, vulnerability management • Blue Teaming (Detection Engineering, IR workflows, alert triage, threat hunting) • Red Teaming (attack simulation, APT TTPs, exploit knowledge, lateral movement) • MITRE ATT&CK, cyber kill chain, Zero Trust, NIST CSF • Strong knowledge ofthreat detection & anomaly detection frameworksTechnical Breadth Experience with at least 5 of the following preferred: • Endpoint: CrowdStrike, Carbon Black, Defender • Firewalls: Palo Alto, Cisco, Fortinet • Cloud Security: AWS/Azure/GCP logging & analytics • Threat Intel Platforms: MISP, Anomali • Identity: Okta, Azure AD, Ping • Vulnerability: Qualys, Tenable, Rapid7 • Other SIEM/SOAR platforms (QRadar, Sentinel, Arcsight, Exabeam)Soft Skills & Leadership • Excellent communication and consulting skills • Ability to run customer workshops independently • Strong problem-solving and analytical thinking • Ability to handle pressure and lead critical incident response • Experience working in high-stakes enterprise environmentsQualifications Preferred Certifications(not mandatory but desirable): • Splunk Enterprise Security Admin • Splunk SOAR Administrator / Consultant • Splunk Core + Power User • Splunk ITSI (good to have) • CEH, OSCP, GCIA, GCIH, GCFA, Security+, CISSP (bonus)Why Join Prudent? • Work withelite global clientsacross telecom, BFSI, government, and large enterprises • Opportunity to leadnext-gen security projects across APJC • Exposure toSplunk + Cisco security ecosystem • Fast career progression intoLead Security Architect / Practice Lead roles • Work with a global team of high-performing Splunk consultants